Rdp via upnp

To give RDP external mgt to servers and let users remotely access desktops I was using UPnP to forward firewall external IP address with port number that through upnp transates to internal IP and rdp port.
I.E. RDP to 123.241.3.85:50009 Firewall/UPnP 192.168.2.24:3389
I was recently told this very insecure (obviously hacker can try this port), but also told that most firewalls do not filter ports in this high of range (what is consequence of not filtering if this is the case?). I was trying to avoid managing Desktop vpn software (this is from XPpro to XP pro, or Xppro to win2003 server), and have had little luck configuring xp native vpn connection. Thanks, experts

Your best bet is to use a single Windows 2003 server to give VPN access to users. You are currently using a solution that isn't very secure and not scalable.

Even better, invest in a small business firewall if that's what you have like the Cisco ASA 5505 or one from the other vendors for a few hundred bucks and that'll provide you pretty good VPN access into your network

Hmmm. You have to be pragmatic about these things. opening any port for any protocol is a security risk by definition as you are opening a hole in your perimeter. You need to weigh up the pro's & con's for your scenario. Limiting the addresses to known sources is one way but this does not fit in with upnp which is, of course, dynamic.

I would agree that having a device to front this traffic would likely be the best way forward; even some of the simple adsl routers will often let you enter in the source addresses that are allowed to access a protocol.

0

Featured Post

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management? Have you ever backed up the firewall policy residing on the SmartCenter? If you have then you know the hassles of connecting to the server, doing an upgrade_…

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…

In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…